<?php include('config.php');
  session_start();
function secure() {
global $_SESSION;
  if (!($_SESSION["pass"]) || ($_SESSION["pass"] == "")) {
echo '<script> parent.location="http://'.$_SERVER["HTTP_HOST"].''.dirname("$_SERVER[SCRIPT_NAME]").'/"; </script>'; exit(); } }
/*****[BEGIN]******************************************
 [ Base:     oPanel Defines                   v2.1.1 ]
 ******************************************************/ 
//-[oPanelVer_Info]-----|
$ver = '3 BETA';//------|\
$ver_full = '3.0.1B2';//|->
$liceCheck = true;//----|/
//----------------------|
define( 'API_SERVER', 'http://localhost/API/oPanel/premium/server.php' );
define( 'ROOT_PATH', dirname( __FILE__ ) .DIRECTORY_SEPARATOR );
define( 'FUNCTIONS_PATH'  , ROOT_PATH.'functions'.DIRECTORY_SEPARATOR );
define( 'USERS_PATH'  , ROOT_PATH.'users'.DIRECTORY_SEPARATOR );
define( 'LOGS_PATH'  , ROOT_PATH.'logs'.DIRECTORY_SEPARATOR );
define( 'ADMIN_PATH'  , ROOT_PATH.'admin'.DIRECTORY_SEPARATOR );
define( 'USER_IP' , $_SERVER['REMOTE_ADDR'] );
define( 'CONNECT_ERR'  , '<b>oPanel Connection Error:</b> A connection could not be made with the oPanel license server. Due to BETA version restrictions this is a fatal error and oPanel cannot continue to load.<br /><br /><b>oPanel notice:</b> The loading of limited functionality mode has been canceled.<br /><br />' );
define( 'LICENSE_ERR' , '<b>oPanel License Error:</b> oPanel cannot find your license, <a href="index.php?op=1">please click here</a> and enter a valid license key to continue using oPanel<br /><br />' );
define( 'LIMFUNKADMIN_ERR' , '<b>oPanel notice:</b> During the limited functionality mode the oPanel Administration area is disabled. The reason for this is to prevent license avoidance. The admin area will be re-enabled once a connection has been re-established with the oPanel license servers.<br /><br />' );
if(file_exists(ROOT_PATH.'license.oplf')) { $license = file_get_contents(ROOT_PATH.'license.oplf'); } else {
if(!isset($_GET['op'])) { die(LICENSE_ERR); } else { $liceCheck = false; } }

function API_Connect($request, $lice=false) {
$ch = curl_init();
	curl_setopt($ch, CURLOPT_URL, API_SERVER);
	curl_setopt($ch, CURLOPT_VERBOSE, 1);
	curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
	curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
	curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
	curl_setopt($ch, CURLOPT_POST, 1);
	curl_setopt($ch,CURLOPT_POSTFIELDS,$request);
$response = curl_exec($ch);
	$RepArray=deformatNVP($response);
if($lice == true && !isset($RepArray['LICETYPE']) && !isset($RepArray['ERROR'])) {
return loadLice(); // Support for License Extending =D
// die(CONNECT_ERR);
} elseif($lice == true && (!isset($_SESSION['oPinfo']['ERROR']))) {
saveLice($RepArray);
}	if (curl_errno($ch)) {
		// moving to display page to display curl errors
			die('API ERROR');
	 } else {
		 //closing the curl
			curl_close($ch);
	 }
	 return $RepArray;
} // End API conenct
/*****[END]********************************************
 [ Base:     oPanel Defines                   v2.1.1]
 ******************************************************/
 
/*****[BEGIN]******************************************
 [ Base:     oPanel Functions                  v2.1.0 ]
 ******************************************************/
 function deformatNVP($nvpstr)
{
	$intial=0;
 	$nvpArray = array();
	while(strlen($nvpstr)){
		//postion of Key
		$keypos= strpos($nvpstr,'=');
		//position of value
		$valuepos = strpos($nvpstr,'&') ? strpos($nvpstr,'&'): strlen($nvpstr);
		/*getting the Key and Value values and storing in a Associative Array*/
		$keyval=substr($nvpstr,$intial,$keypos);
		$valval=substr($nvpstr,$keypos+1,$valuepos-$keypos-1);
		//decoding the respose
		$nvpArray[urldecode($keyval)] =urldecode( $valval);
		$nvpstr=substr($nvpstr,$valuepos+1,strlen($nvpstr));
     }
	return $nvpArray;
} // End Deformat NVP

function updatePass($username,$NewPass) {
$oldPass = check($username);
$file = USERS_PATH.$_SESSION["user"].".opuf";
$lines = file($file);
$i = 0;
foreach ($lines as $line_num => $line) {
$hobla = str_replace('Password="'.$oldPass.'"', 'Password="'.crypt(md5($NewPass), md5($username)).'"', $line);
if($i == 0) {
   $handle = fopen($file, 'w+');
   fwrite($handle, $hobla);
   fclose($handle);

} else {
   $handle = fopen($file, 'a+');
   fwrite($handle, $hobla);
   fclose($handle);
} $i++; } return true; }
/*****[BEGIN]******************************************
 [ Base:     oPanel Login Functions          v2.0.0 ]
 ******************************************************/
function ResetAttempts($username, $current) {
$file = USERS_PATH.$username.".opuf";
$lines = file($file);
$i = 0;
foreach ($lines as $line_num => $line) {
$hobla = str_replace('LoginAttempts="'.$current.'"', 'LoginAttempts="1"', "".$line."");
if($i == 0) {
   $handle = fopen($file, 'w+');
   fwrite($handle, $hobla);
   fclose($handle);
} else {
   $handle = fopen($file, 'a+');
   fwrite($handle, $hobla);
   fclose($handle);
} $i++; } }

function AddAttempt($username, $current, $attempt) {
$file = USERS_PATH.$username.".opuf";
$lines = file($file);
$i = 0;
foreach ($lines as $line_num => $line) {
$hobla = str_replace('LoginAttempts="'.$current.'"', 'LoginAttempts="'.$attempt.'"', "".$line."");
if($i == 0) {
   $handle = fopen($file, 'w+');
   fwrite($handle, $hobla);
   fclose($handle);
} else {
   $handle = fopen($file, 'a+');
   fwrite($handle, $hobla);
   fclose($handle);
} $i++; } }

function LastLogin($username, $current, $lastIP, $time=false) {
if($time == false) { $time = date("d.m.y, H:i:s"); }
$file = USERS_PATH.$username.".opuf";
$lines = file($file);
$i = 0;
foreach ($lines as $line_num => $line) {
$hobla = str_replace('LastLogin="'.$current.'"', 'LastLogin="'.$time.'"', $line);
$hobla = str_replace('IP="'.$lastIP.'"', 'IP="'.USER_IP.'"', $hobla);
if($i == 0) {
   $handle = fopen($file, 'w+');
   fwrite($handle, $hobla);
   fclose($handle);
} else {
   $handle = fopen($file, 'a+');
   fwrite($handle, $hobla);
   fclose($handle);
} $i++; } }

function login_check($forms) {
  $error = "";
$username = $forms['username'];
  if (trim($username) == "") { $error .= "<center><b>Your username is empty.</b></center>"; return $error; }
if(file_exists("users/" . $forms['username'] . ".opuf")) {
$user = file_get_contents("users/" . $forms['username'] . ".opuf");
preg_match('/LoginAttempts="(.*)"/', $user, $attempts);
preg_match('/LastLogin="(.*)"/', $user, $last);
preg_match('/Password="(.*)"/', $user, $match);
preg_match('/IP="(.*)"/', $user, $IP);
$pass = $match[1];
$attempts = $attempts[1];
$lastlogin = $last[1];
$lastIP = $IP[1];
if($lastIP == '0.0.0.0') { $error = 'new'; }
if($attempts > 3) {
if($lastlogin > date("d.m.y, H:i:s")) {
$error = "<center><b>This account is locked out.</b></center>";
return $error;
} else {
ResetAttempts($forms['username'], 4);
LastLogin($forms['username'], $lastlogin, $lastIP);
} // end locked out account checking
} elseif($attempts == 3) {
$time = date("d.m.y, H:i:s", strtotime("+30 minutes"));
LastLogin($forms['username'], $lastlogin, $lastIP, $time);
} // end the account locking
$password = $forms['password'];
  if (trim($password) == "") { $error .= "<center><b>Your password is empty.</b></center>"; return $error; }
  if (crypt(md5($forms['password']), md5($forms['username'])) != $pass) {
$error .="<font class=red><center>Incorrect Username / Password</center></font>";
$newAtt = $attempts;
$newAtt++;
AddAttempt($forms['username'], $attempts, $newAtt);
} // end the password checking
} else {
$error .= "<font class=red><center>Incorrect Username / Password</center></font>"; // no user exists!
} return $error; }

function power($username) {
if(file_exists(USERS_PATH.$username.".opuf")) {
$user = file_get_contents(USERS_PATH.$username.".opuf");
preg_match('/Power="(.*)"/', $user, $match);
return $match[1]; } }

function trash($username, $type) {
if(file_exists(USERS_PATH.$username.".opuf")) {
$user = file_get_contents(USERS_PATH.$username.".opuf");
preg_match('/trashdir="(.*)"/', $user, $dir);
preg_match('/trashfile="(.*)"/', $user, $file);
if($type == 'dir') {
return $dir[1];
} else { return $file[1]; } } }

function HomeDir($username) {
if(file_exists(USERS_PATH.$username.".opuf")) {
$user = file_get_contents(USERS_PATH.$username.".opuf");
preg_match('/Home="(.*)"/', $user, $match);
return $match[1]; } }

function login($username, $password) {
if(file_exists(USERS_PATH.$username.".opuf")) {
$user = file_get_contents(USERS_PATH.$username.".opuf");
preg_match('/Password="(.*)"/', $user, $pass);
preg_match('/LoginAttempts="(.*)"/', $user, $attempts);
preg_match('/LastLogin="(.*)"/', $user, $last);
preg_match('/IP="(.*)"/', $user, $IP);
  if (crypt(md5($password), md5($username)) == $pass[1]) {
ResetAttempts($username, $attempts[1]);
LastLogin($username, $last[1], $IP[1]);
  return $pass[1]; } } }

/*****[END]********************************************
 [ Base:     oPanel Login Functions          v2.0.0 ]
 ******************************************************/
function check($username) {
if(file_exists(USERS_PATH.$username.".opuf")) {
$user = file_get_contents(USERS_PATH.$username.".opuf");
preg_match('/Password="(.*)"/', $user, $match);
$pass = $match[1];
  return $pass; } }

function validateIPAuthentication() {
require_once('includes/banned.inc.php');
$USR_IP = 'u'.str_replace(".", "_", USER_IP); if (isset($$USR_IP)) {
   if($$USR_IP != 'INDEFINATE') { $time = date("d.m.y, H:i:s"); } if(date("d.m.y, H:i:s") > $time){ unban(USER_IP); } else {
   log_write('admin', "Banned IP (".USER_IP.") attempted to access the oPanel", 'oPanel Notice');
       die('<b>oPanel Error:</b> Your IP address has been blocked from accessing oPanel.<br />
	   Your IP shall be unblocked after the following date and time: <b>'.$$USR_IP.'</b><br /><br />'); } } }

function unban($who) {

}
	   
function saveLice($RepArray) {
$lice_details = " - oPanel License Secure backup -";
foreach($RepArray as $key => $value) { $lice_details .= "\n".$key.'="'.$value.'"'; }
$fp = @fopen(ROOT_PATH.'licenseStore.oplf',"w+");
fwrite($fp, base64_encode($lice_details));
fclose($fp); } // END License Saving Function

function loadLice() {
$licen = base64_decode(file_get_contents(ROOT_PATH."licenseStore.oplf"));
preg_match('/ERROR="(.*)"/', $licen, $errtest);
$liceInf = array('ERROR' => $errtest[1]);
if($liceInf['ERROR'] == '') {
preg_match('/LATESTVER="(.*)"/', $licen, $latestver);
preg_match('/LATESTBUILD="(.*)"/', $licen, $latestbuild);
preg_match('/BETAVER="(.*)"/', $licen, $betaver);
preg_match('/BETATESTERS="(.*)"/', $licen, $betatesters);
preg_match('/NEWS="(.*)"/', $licen, $news);
preg_match('/REGTO="(.*)"/', $licen, $regTo);
preg_match('/LICETYPE="(.*)"/', $licen, $licetype);
preg_match('/SUPPORTENDS="(.*)"/', $licen, $supportends);
$liceInf = array('LATESTVER' => $latestver[1],
'LATESTBUILD' => $latestbuild[1],
'BETAVER' => $betaver[1],
'BETATESTERS' => $betatesters[1],
'NEWS' => $news[1],
'REG_TO' => $regTo[1],
'LICETYPE' => $licetype[1],
'SUPPORTENDS' => $supportends[1],
'LIMITEDMODE' => true); } return $liceInf; }
/*****[END]********************************************
 [ Base:     oPanel Functions                  v2.1.0 ]
 ******************************************************/
 validateIPAuthentication();
if($liceCheck == true) { $_SESSION['oPinfo'] = API_Connect("TYPE=".urlencode('LicenseCheck')."&CODE=".urlencode($license)."&DOMAIN=".urlencode($_SERVER["SERVER_NAME"]), true); }
if($ver_full != $_SESSION['oPinfo']['BETAVER']) {
error_reporting(0); if($_SESSION['oPinfo']['LICETYPE'] == 'Beta License') { die('<b>oPanel License Error:</b> Your oPanel license is invalid'); }
} else { error_reporting(E_ALL); $beta = true; }
require_once('opfunctions.inc.php');
$BETAtesters = $_SESSION['oPinfo']['BETATESTERS'];
if(defined('In_Admin') == true && (isset($_SESSION['oPinfo']['LIMITEDMODE']) && $_SESSION['oPinfo']['LIMITEDMODE'] == true)) {
die(LIMFUNKADMIN_ERR); } require_once('includes/class_xml.php');
if(isset($_SESSION['oPinfo']['ERROR']) && $_SESSION['oPinfo']['ERROR'] != "") {
echo '<html><head><title>oPanel License Error</title></head><body>'; $error = $_SESSION['oPinfo']['ERROR'];
if($error == 1) die("<b>oPanel License Error:</b> Your copy of oPanel is not licensed");
if($error == 2) die("<b>oPanel License Error:</b> Your oPanel license is invalid");
if($error == 3) die("<b>oPanel License Error:</b> Your oPanel license is invalid");
if($error == 4) die("<b>oPanel License Error:</b> Your oPanel license is invalid for this domain");
if($error == 5) die("<b>oPanel License Error:</b> Your license is not valid for the amount of domains you are currently using. Your license key has therefore been deactivated, please contact OlliesPage.net support in order to reduce the amount of domains in use and re-activate your license.<br /><br />Alternatively you can contact the billing department and upgrade your license to one which supports more domains");
if($error == 6) die("<b>oPanel License Error:</b> Contact OlliesPage.net support to resolve this issue");
if($error == 7) die("<b>oPanel License Error:</b> Your free oPanel license has expired. If you wish to continue using oPanel please <a href=''>click here to purchase a license.</a>"); } ?>